Mercurial > hg > easyhg
comparison easyhg.py @ 449:f778dfb6a42f
Hash remote destination key for auth file rather than just b64 encoding it (so you can't see where someone has been by looking at a stale authfile)
| author | Chris Cannam |
|---|---|
| date | Wed, 29 Jun 2011 13:09:01 +0100 |
| parents | 89b6ba707096 |
| children | 568abb678073 |
comparison
equal
deleted
inserted
replaced
| 448:89b6ba707096 | 449:f778dfb6a42f |
|---|---|
| 11 # modify it under the terms of the GNU General Public License as | 11 # modify it under the terms of the GNU General Public License as |
| 12 # published by the Free Software Foundation; either version 2 of the | 12 # published by the Free Software Foundation; either version 2 of the |
| 13 # License, or (at your option) any later version. See the file | 13 # License, or (at your option) any later version. See the file |
| 14 # COPYING included with this distribution for more information. | 14 # COPYING included with this distribution for more information. |
| 15 | 15 |
| 16 import sys, os, stat, urllib, urllib2, urlparse, platform | 16 import sys, os, stat, urllib, urllib2, urlparse, platform, hashlib |
| 17 | 17 |
| 18 from mercurial.i18n import _ | 18 from mercurial.i18n import _ |
| 19 from mercurial import ui, util, error | 19 from mercurial import ui, util, error |
| 20 try: | 20 try: |
| 21 from mercurial.url import passwordmgr | 21 from mercurial.url import passwordmgr |
| 127 def set_to_config(pcfg, sect, key, data): | 127 def set_to_config(pcfg, sect, key, data): |
| 128 if not pcfg.has_section(sect): | 128 if not pcfg.has_section(sect): |
| 129 pcfg.add_section(sect) | 129 pcfg.add_section(sect) |
| 130 pcfg.set(sect, key, data) | 130 pcfg.set(sect, key, data) |
| 131 | 131 |
| 132 def remote_key(uri, user): | 132 def remote_key(uri, user, key): |
| 133 # generate a "safe-for-config-file" key representing uri+user | 133 # generate a "safe-for-config-file" key representing uri+user |
| 134 # tuple (n.b. trailing = on base64 is not safe) | 134 s = '%s@@%s' % (uri, user) |
| 135 return base64.b64encode('%s@@%s' % (uri, user)).replace('=', '_') | 135 h = hashlib.sha1() |
| 136 h.update(key) | |
| 137 h.update(s) | |
| 138 return h.hexdigest() | |
| 136 | 139 |
| 137 | 140 |
| 138 def uisetup(ui): | 141 def uisetup(ui): |
| 139 if not easyhg_pyqt_ok: | 142 if not easyhg_pyqt_ok: |
| 140 raise util.Abort(_('Failed to load PyQt4 module required by easyhg.py')) | 143 raise util.Abort(_('Failed to load PyQt4 module required by easyhg.py')) |
| 205 authconfig = ConfigParser.RawConfigParser() | 208 authconfig = ConfigParser.RawConfigParser() |
| 206 load_config(authconfig, authfile) | 209 load_config(authconfig, authfile) |
| 207 remember = get_boolean_from_config(authconfig, 'preferences', | 210 remember = get_boolean_from_config(authconfig, 'preferences', |
| 208 'remember', False) | 211 'remember', False) |
| 209 authdata = get_from_config(authconfig, 'auth', | 212 authdata = get_from_config(authconfig, 'auth', |
| 210 remote_key(short_uri, user)) | 213 remote_key(short_uri, user, authkey)) |
| 211 if authdata: | 214 if authdata: |
| 212 cachedpwd = decrypt_salted(authdata, authkey) | 215 cachedpwd = decrypt_salted(authdata, authkey) |
| 213 passwd_field.setText(cachedpwd) | 216 passwd_field.setText(cachedpwd) |
| 214 remember_field = QtGui.QCheckBox() | 217 remember_field = QtGui.QCheckBox() |
| 215 remember_field.setChecked(remember) | 218 remember_field.setChecked(remember) |
| 246 remember = remember_field.isChecked() | 249 remember = remember_field.isChecked() |
| 247 set_to_config(authconfig, 'preferences', 'remember', remember) | 250 set_to_config(authconfig, 'preferences', 'remember', remember) |
| 248 if user: | 251 if user: |
| 249 if passwd and remember: | 252 if passwd and remember: |
| 250 authdata = encrypt_salted(passwd, authkey) | 253 authdata = encrypt_salted(passwd, authkey) |
| 251 set_to_config(authconfig, 'auth', remote_key(short_uri, user), authdata) | 254 set_to_config(authconfig, 'auth', remote_key(short_uri, user, authkey), authdata) |
| 252 else: | 255 else: |
| 253 set_to_config(authconfig, 'auth', remote_key(short_uri, user), '') | 256 set_to_config(authconfig, 'auth', remote_key(short_uri, user, authkey), '') |
| 254 save_config(self.ui, authconfig, authfile) | 257 save_config(self.ui, authconfig, authfile) |
| 255 | 258 |
| 256 self.add_password(realm, authuri, user, passwd) | 259 self.add_password(realm, authuri, user, passwd) |
| 257 return (user, passwd) | 260 return (user, passwd) |
| 258 | 261 |